$_POST['refid'] = 0;
if ($GLOBALS['refid'] > 0) {
// Test if the refid is valid
- $result = SQL_QUERY_ESC("SELECT userid FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT userid FROM `{!MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
// Userid found?
// Check for IP timeout?
if (getConfig('ip_timeout') > 0) {
// Check his IP number
- $result = SQL_QUERY_ESC("SELECT joined, last_update FROM `"._MYSQL_PREFIX."_user_data` WHERE REMOTE_ADDR='%s' AND (joined > (UNIX_TIMESTAMP() - %s) OR last_update > (UNIX_TIMESTAMP() - %s)) LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT joined, last_update FROM `{!MYSQL_PREFIX!}_user_data` WHERE REMOTE_ADDR='%s' AND (joined > (UNIX_TIMESTAMP() - %s) OR last_update > (UNIX_TIMESTAMP() - %s)) LIMIT 1",
array(GET_REMOTE_ADDR(), getConfig('ip_timeout'), getConfig('ip_timeout')), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Same IP in timeout range and different email address entered... Eat this, faker! ;-)
// Create user's account... //
//////////////////////////////
//
- SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$ADD1.")
+ SQL_QUERY_ESC("INSERT INTO `{!MYSQL_PREFIX!}_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$ADD1.")
VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$ADD2.")",
array(
$countryRow,
} // END - if
// Write his welcome-points
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND ref_depth=0 LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_user_points` WHERE userid=%s AND ref_depth=0 LIMIT 1",
array(bigintval($userid)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 0) {
// Add only when the line was not found (maybe some more secure?)
$locked = "points";
if (getConfig('ref_payout') > 0) $locked = "locked_points"; // Pay him later. First he has to confirm some mails!
- SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, ".$locked.") VALUES (%s,0,'%s')",
+ SQL_QUERY_ESC("INSERT INTO `{!MYSQL_PREFIX!}_user_points` (userid, ref_depth, ".$locked.") VALUES (%s,0,'%s')",
array(bigintval($userid), getConfig('points_register')), __FILE__, __LINE__);
// Update mediadata as well
foreach ($_POST['cat'] as $cat => $joined) {
if ($joined == "Y") {
// Insert category entry
- SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_cats (userid, cat_id) VALUES (%s, %s)",
+ SQL_QUERY_ESC("INSERT INTO `{!MYSQL_PREFIX!}_user_cats` (userid, cat_id) VALUES (%s, %s)",
array(bigintval($userid), bigintval($cat)), __FILE__, __LINE__);
} // END - if
} // END - foreach
define('__COUNTRY_CONTENT', $OUT);
} else {
// Old out-dated variant
- define('__COUNTRY_CONTENT', "<INPUT type=\"text\" name=\"cntry\" class=\"guest_normal\" size=\"2\" maxlength=\"3\" value=\"".__COUNTRY."\">");
+ define('__COUNTRY_CONTENT', "<input type=\"text\" name=\"cntry\" class=\"guest_normal\" size=\"2\" maxlength=\"3\" value=\"{!__COUNTRY!}\" />");
}
// Set MUST_??? constants